Prevent Hackers from Impersonating You by Sending Emails that Look Like Yours

Background

Nasir, has just received an email claiming to be from his boss, asking him to drop the current case they were investigating with good leads and take a break . He is confused because the email address is just the same as his boss.

There are chances that you have received an email claiming to be from someone or an organization but you later found out that the email was a scam and not real. Cyber criminals have devised ways to send fake emails and make it seem real by exploiting a flaw in the way the email system works. The email work using an outdated protocol called the SMTP or Simple Mail Transfer Protocol.

Criminals can easily use free malicious software to send fake emails and make them appear real by the process we call email spoofing.

To prevent email spoofing and stop hackers from sending fake emails to your users thereby making it look real you can enable some of these three options from your web hosting control panel.

Sender Policy Framework (SPF):

The ‘Sender Policy Framework’ (SPF) is an email validation system, designed to prevent unwanted emails sent using a spoofing system.

Basically, SPF helps to weed out abusive emails and also detect email forgery. It allows domain owners to publish trusted IP addresses that are authorized to send emails from the specified domains. For example, if my website “www.xyz.com” is hosted on the IP address 192.168.0.1 I can make sure only the ip address 192.168.0.1 is able to send emails out. Whenever a cyber criminal tries to send an email impersonating my website it would either end up in the spam box or gets rejected.

To configure SPF be sure to ask your web hosting company to help you set these up.